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Period for Reply 

A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) OR THIRTY (30) DAYS, 

WHICHEVER IS LONGER, FROM THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1.136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 1 33). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b). 

Status 

1 )[3 Responsive to communication(s) filed on 18 August 2003 . 
2a)D This action is FINAL. 2b)S This action is non-final. 

3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 11, 453 O.G. 213. 

Disposition of Claims 

4) D Claim(s) 1-26 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) D Claim(s) is/are allowed. 

6) IEI Claim(s) 1-26 is/are rejected. 

7) D Claim(s) is/are objected to. 

8) Q Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) Q The specification is objected to by the Examiner. 

10) E3 The drawing(s) filed on 18 August 2003 is/are: a)S accepted or b)D objected to by the Examiner. 

Applicant may not request that any objection to the'drawing(s) be held in abeyance. See 37 CFR 1 .85(a). 
Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 

1 1) D The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152. 

Priority under 35 U.S.C. § 119 

12) D Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 1 19(a)-(d) or (f). 
a)D All b)D Some * c)D None of: 

1 .□ Certified copies of the priority documents have been received. 

2. D Certified copies of the priority documents have been received in Application No. . 

3. Q Copies of the certified copies of the priority documents have been received in this National Stage 

application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 
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DETAILED ACTION 



Claims 1-26 have been examined. 

Information Disclosure Statement PTO-1449 

1 . The Information Disclosure Statement submitted by applicant on 07/25/2005, 
8/10/2005, and 2/13/2004 has been considered. Please see attached PTO-1449. 



Claim Rejections - 35 USC § 101 

2. 35 U.S.C. 101 reads as follows: 

Whoever invents or discovers any new and useful process, machine, manufacture, or composition of 
matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the 
conditions and requirements of this title. 

Claims 1-26 are rejected under 35 U.S.C. 101 because the claimed invention is directed 

to non-statutory subject matter. 

2.1 . Claim limitations are directed to several data structures storing access control 
data. Storage of data does not produce a tangible result. Note that a system for user 
access control is a statutory subject matter, but a storage system to store access 
control data is not. 

2.2. Claim limitations include "propagated signal". Propagated signals include 
Electromagnetic signals which are not statutory subject matter. 
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Claim Rejections - 35 USC § 102 

3. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in a patent granted on an application for patent by another filed in the 
United States before the invention thereof by the applicant for patent, or on an international application 
by another who has fulfilled the requirements of paragraphs (1), (2), and (4) of section 371(c) of this 
title before the invention thereof by the applicant for patent. 

4. Claims 1 to 26 are rejected under 35 U.S.C. 102(e) as being anticipated by 
applicants' admitted prior art, Griffin (US Patent Application Publication No. 
2002/0178119, filed May 24, 2001). 

4.1 As per claim 1 , Griffin is directed to a computer-readable storage medium having 
data structures stored thereon (Griffin is directed to a system for using databases 
(parag. 2), which are stored in storage system (parag 19 and Fig. 1A) or a computer- 
readable propagated signal having data structures, the data structures comprising: an 
access control group data structure to store access control group data (Griffin teaches a 
role-based access control system (parag. 37), which performs access control using 
roles (item 302) arid capabilities (item 304), as described in parag. 31, 32 and 38. 
Capabilities 304 identifies access control rules (parag. 38) in a database); a user access 
data structure to store user access data (principal 310 as described in parag 38 and 39) 
wherein the user access data relates to at least one entry in the access control group 



Application/Control Number: 10/642,499 Page 4 

Art Unit: 2132 

data structure (per paragraph 38, each role is assigned to one or multiple principals. 
The database of principals is related to roles, which is a set of capabilities (parag. 38), 
and therefore principals are related to capabilities); and a data object access data 
structure to store data object access data (resource 306) wherein the data object 
access data relates to at least one entry in the access control group data structure (per 
paragraph 41 , capabilities define access rules to resources, therefore resources are 
related to capabilities). 

4.2. As per claims 2, 3 and 4, Griffin is directed to the medium or propagated signal of 
claim 1 wherein at least one entry in the access control group data includes a 
characteristic for use in determining at least one entry in the user access data structure 
or in the data object access data structure that relates to the at least one entry in the 
access control group data structure (as indicated in Fig. 3 and associated text, Griffin 
teaches role and capability filters that associate characteristics of user data or 
resources to roles and capabilities (see parag. 40-46). Based on the attributes of 
principals and resources, filters associate a role or a resource to a capability). 

4.3. As per claims 5, 6, and 7, Griffin is directed to he medium or propagated signal of 
claim 1 wherein at least one entry in the access control group data structure includes an 
indication of an access control rule for use in determining: at least one entry in the user 
access data structure that relates to the at least one entry in the access control group 
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data structure, and at least one entry in the data object data structure that relates to the 
at least one entry in the access control group data structure (as mentioned in response 
to claims 2-4, filters relate a characteristic to relate an entry in resource/principal 
(data/user) databases to an entry in capabilities (access control group) database. The 
filters use an indication of a relationship between entries of databases to make a 
connection). 

4.4. As per claim 8, Griffin is directed to the medium or propagated signal of claim 1 
further comprising an access rule data structure to store access control rule data 
wherein the access control rule data relates to at least one entry in the access control 
group data structure (Griffin's capabilities include access rules to determine if access to 
a specific resource is allowed for a specific principal (user). 

4.5. As per claims 9, Griffin is directed to the medium or propagated signal of claim 8 
wherein at least one entry in the access rule data structure includes an indication of 
action that is permitted to be performed for at least one entry in the data object access 
data structure (capabilities include an indication of an action that is permitted to be 
performed to a resource). 

4.6. As per claim 10, Griffin is directed to the medium or propagated signal of claim 8 
wherein at least one entry in the access rule data structure includes an indication of how 
to determine at least one entry in the data object access data structure that relates to at 
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least one entry in the access control group data structure (rule data structure is part of 
Griffin's capabilities data structure, which per response to claims 5-7 an indication to 
determine how one entry in the data object access data structure relates to one entry in 
the capabilities data base). 

4.7. As per claim 1 1 , Griffin is directed to the medium or propagated signal of claim 8 
wherein at least one entry in the access rule data structure includes an indication of how 
to determine at least one entry in the user access data structure that relates to at least 
one entry in the access control group data structure (rule data structure is part of 
Griffin's capabilities data structure, which per response to claims 5-7 an indication to 
determine how one entry in the user access data structure relates to one entry in the 
capabilities data base). 

4.8. As per claim 12, Griffin is directed to the medium or propagated signal of claim 1 
wherein each of the access control group data structure, the user access data structure, 
and the data object access data structure are each separately maintainable from each 
of the other data structures (parag. 35 shows each data structure can.be configured 
independently from the others, and relationships established by filters). 

4.9. As per claim 13, Griffin is directed to the medium or propagated signal of claim 1 
wherein each of the user access data structure and the data object access data 
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structure are separately maintainable from the other data structure (see response to 
claim 12). 

4.10. As per claim 14, Griffin is directed to the medium or propagated signal of claim 
13 wherein a change in the user access data stored in the user access data structure 
does not necessitate a change in the data object access data stored in the data object 
access data structure to maintain desired control over access by particular users to 
particular data objects (see response to claim 13. As the databases are independent 
from one another, change in one does not necessitate change in other). 

4.1 1 . As per claim 15, Griffin is directed to the medium or propagated signal of claim 
13 wherein a change in the data object access data stored in the data object access 
data structure does not necessitate a change in the user access data stored in the user 
access data structure to maintain desired control over access by particular users to 
particular data objects (see response to claim 14). 

4.12. As per claim 16, Griffin is directed to a computer-readable storage medium 
having data structures stored thereon or a computer-readable propagated signal having 
data structures, the data structures comprising: an access control rule data structure to 
store access control rule data (see response to claims 1-15, and note that the 
capabilities data base contains access control rules); and a characteristic method data 
structure to store characteristic method data wherein the characteristic method data 
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relates to at least one entry in the access control rule data structure (resource data base 
contains characteristics data that relates to capabilities data base entries. Filters create 
association between capabilities and resources based on characteristics of resources, 
such as the role of a resource (printer manager) or time limits to login as mentioned in 
parag. 41) 

4.13. As per claim 17, Griffin is directed to the medium or propagated signal of claim 

16 further comprising a user data structure to store user data (principal 310 as 
described in claims 1). 

4.14. As per claim 18, Griffin is directed to the medium or propagated signal of claim 

17 wherein at least one entry in the characteristic method data structure includes an 
indication of a method to determine a user characteristic associated with at least one 
entry in the user data structure. 

4.15 As per claim 20, Griffin is directed to the medium or propagated signal of claim 

18 wherein at least one entry in the characteristic method data structure includes an 
indication of a criterion for use in eliminating at least one entry in the data object data 
structure when using the method to determine a user characteristic (parag. 48 shows 
active role processing examines deletion of entries in the resource data structure, and 
runs filters to reflect the changes (deletion) in other databases, therefore there is an 
indication of deletion of entries in resource database in the roles database) 
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4.16. Limitations of claims 19, 21-26 are substantially the same as limitations of claims 
1-18 and 20 above. 



Conclusion 



Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Farid Homayounmehr whose telephone number is 571 
272 3739. The examiner can normally be reached on 9 hrs Mon-Fri, off Monday 
biweekly. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Gilberto Barron can be reached on (571) 272-3799. The fax phone number 
for the organization where this application or proceeding is assigned is 571-273-8300. 
Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published 
applications may be obtained from either Private PAIR or Public PAIR. Status 
information for unpublished applications is available through Private PAIR only. For 
more information about the PAIR system, see http://pair-direct.uspto.gov. Should you 
have questions on access to the Private PAIR system, contact the Electronic Business 
Center (EBC) at 866-217-9197 (toll-free). 
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